Publish #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| id-token: write | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| registry-url: https://registry.npmjs.org | |
| cache: npm | |
| - name: Ensure versions match | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| PKG_VERSION="$(node -p "require('./package.json').version")" | |
| JSR_VERSION="$(node -p "require('./jsr.json').version")" | |
| TAG_NAME="${{ github.event.release.tag_name }}" | |
| if [[ "$PKG_VERSION" != "$JSR_VERSION" ]]; then | |
| echo "Version mismatch: package.json=$PKG_VERSION, jsr.json=$JSR_VERSION" | |
| exit 1 | |
| fi | |
| if [[ "$TAG_NAME" != "v$PKG_VERSION" && "$TAG_NAME" != "$PKG_VERSION" ]]; then | |
| echo "Release tag '$TAG_NAME' does not match version '$PKG_VERSION' (expected '$PKG_VERSION' or 'v$PKG_VERSION')." | |
| exit 1 | |
| fi | |
| - name: Install dependencies | |
| run: npm install --ignore-scripts --no-package-lock | |
| - name: Publish to npm | |
| run: npm publish --access public --provenance | |
| - name: Publish to JSR | |
| run: | | |
| # Trusted publishing should authenticate via OIDC; token is intentionally not required here. | |
| npx jsr publish --provenance | |